static int
put_filter_list( BerElement *ber, char *str, ber_tag_t tag )
{
char *next = NULL;
char save;
Debug( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n",
str, 0, 0 );
while ( *str ) {
while ( *str && LDAP_SPACE( (unsigned char) *str ) ) {
str++;
}
if ( *str == '\0' ) break;
if ( (next = find_right_paren( str + 1 )) == NULL ) {
return -1;
}
save = *++next;
/* now we have "(filter)" with str pointing to it */
*next = '\0';
if ( ldap_pvt_put_filter( ber, str ) == -1 ) return -1;
*next = save;
str = next;
if( tag == LDAP_FILTER_NOT ) break;
}
if( tag == LDAP_FILTER_NOT && ( next == NULL || *str )) {
return -1;
}
return 0;
}
static int filter2ber( char *filter )
{
int rc;
struct berval bv = BER_BVNULL;
BerElement *ber;
printf( "Filter: %s\n", filter );
ber = ber_alloc_t( LBER_USE_DER );
if( ber == NULL ) {
perror( "ber_alloc_t" );
return EXIT_FAILURE;
}
rc = ldap_pvt_put_filter( ber, filter );
if( rc < 0 ) {
fprintf( stderr, "Filter error!\n");
return EXIT_FAILURE;
}
rc = ber_flatten2( ber, &bv, 0 );
if( rc < 0 ) {
perror( "ber_flatten2" );
return EXIT_FAILURE;
}
printf( "BER encoding (len=%ld):\n", (long) bv.bv_len );
ber_bprint( bv.bv_val, bv.bv_len );
ber_free( ber, 1 );
return EXIT_SUCCESS;
}
Filter *
str2filter_x( Operation *op, const char *str )
{
int rc;
Filter *f = NULL;
BerElementBuffer berbuf;
BerElement *ber = (BerElement *)&berbuf;
const char *text = NULL;
Debug( LDAP_DEBUG_FILTER, "str2filter \"%s\"\n", str, 0, 0 );
if ( str == NULL || *str == '\0' ) {
return NULL;
}
ber_init2( ber, NULL, LBER_USE_DER );
if ( op->o_tmpmemctx ) {
ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
}
rc = ldap_pvt_put_filter( ber, str );
if( rc < 0 ) {
goto done;
}
ber_reset( ber, 1 );
rc = get_filter( op, ber, &f, &text );
done:
ber_free_buf( ber );
return f;
}
int
ldap_create_assertion_control_value(
LDAP *ld,
char *assertion,
struct berval *value )
{
BerElement *ber = NULL;
int err;
if ( assertion == NULL || assertion[ 0 ] == '\0' ) {
ld->ld_errno = LDAP_PARAM_ERROR;
return ld->ld_errno;
}
if ( value == NULL ) {
ld->ld_errno = LDAP_PARAM_ERROR;
return ld->ld_errno;
}
BER_BVZERO( value );
ber = ldap_alloc_ber_with_options( ld );
if ( ber == NULL ) {
ld->ld_errno = LDAP_NO_MEMORY;
return ld->ld_errno;
}
err = ldap_pvt_put_filter( ber, assertion );
if ( err < 0 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
goto done;
}
err = ber_flatten2( ber, value, 1 );
if ( err < 0 ) {
ld->ld_errno = LDAP_NO_MEMORY;
goto done;
}
done:;
if ( ber != NULL ) {
ber_free( ber, 1 );
}
return ld->ld_errno;
}
BerElement *
ldap_build_search_req(
LDAP *ld,
LDAP_CONST char *base,
ber_int_t scope,
LDAP_CONST char *filter,
char **attrs,
ber_int_t attrsonly,
LDAPControl **sctrls,
LDAPControl **cctrls,
ber_int_t timelimit,
ber_int_t sizelimit )
{
BerElement *ber;
int err;
/*
* Create the search request. It looks like this:
* SearchRequest := [APPLICATION 3] SEQUENCE {
* baseObject DistinguishedName,
* scope ENUMERATED {
* baseObject (0),
* singleLevel (1),
* wholeSubtree (2)
* },
* derefAliases ENUMERATED {
* neverDerefaliases (0),
* derefInSearching (1),
* derefFindingBaseObj (2),
* alwaysDerefAliases (3)
* },
* sizelimit INTEGER (0 .. 65535),
* timelimit INTEGER (0 .. 65535),
* attrsOnly BOOLEAN,
* filter Filter,
* attributes SEQUENCE OF AttributeType
* }
* wrapped in an ldap message.
*/
/* create a message to send */
if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
return( NULL );
}
if ( base == NULL ) {
/* no base provided, use session default base */
base = ld->ld_options.ldo_defbase;
if ( base == NULL ) {
/* no session default base, use top */
base = "";
}
}
#ifdef LDAP_CONNECTIONLESS
if ( LDAP_IS_UDP(ld) ) {
err = ber_write( ber, ld->ld_options.ldo_peer,
sizeof(struct sockaddr), 0);
}
if ( LDAP_IS_UDP(ld) && ld->ld_options.ldo_version == LDAP_VERSION2) {
char *dn = ld->ld_options.ldo_cldapdn;
if (!dn) dn = "";
err = ber_printf( ber, "{ist{seeiib", ++ld->ld_msgid, dn,
LDAP_REQ_SEARCH, base, (ber_int_t) scope, ld->ld_deref,
(sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
(timelimit < 0) ? ld->ld_timelimit : timelimit,
attrsonly );
} else
#endif
{
err = ber_printf( ber, "{it{seeiib", ++ld->ld_msgid,
LDAP_REQ_SEARCH, base, (ber_int_t) scope, ld->ld_deref,
(sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
(timelimit < 0) ? ld->ld_timelimit : timelimit,
attrsonly );
}
if ( err == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
return( NULL );
}
if( filter == NULL ) {
filter = "(objectclass=*)";
}
err = ldap_pvt_put_filter( ber, filter );
if ( err == -1 ) {
ld->ld_errno = LDAP_FILTER_ERROR;
ber_free( ber, 1 );
return( NULL );
}
if ( ber_printf( ber, /*{*/ "{v}N}", attrs ) == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
return( NULL );
}
/* Put Server Controls */
if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
ber_free( ber, 1 );
return( NULL );
}
if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
return( NULL );
}
return( ber );
}
BerElement *
ldap_build_search_req(
LDAP *ld,
LDAP_CONST char *base,
ber_int_t scope,
LDAP_CONST char *filter,
char **attrs,
ber_int_t attrsonly,
LDAPControl **sctrls,
LDAPControl **cctrls,
ber_int_t timelimit,
ber_int_t sizelimit,
ber_int_t deref,
ber_int_t *idp)
{
BerElement *ber;
int err;
/*
* Create the search request. It looks like this:
* SearchRequest := [APPLICATION 3] SEQUENCE {
* baseObject DistinguishedName,
* scope ENUMERATED {
* baseObject (0),
* singleLevel (1),
* wholeSubtree (2)
* },
* derefAliases ENUMERATED {
* neverDerefaliases (0),
* derefInSearching (1),
* derefFindingBaseObj (2),
* alwaysDerefAliases (3)
* },
* sizelimit INTEGER (0 .. 65535),
* timelimit INTEGER (0 .. 65535),
* attrsOnly BOOLEAN,
* filter Filter,
* attributes SEQUENCE OF AttributeType
* }
* wrapped in an ldap message.
*/
/* create a message to send */
if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
return( NULL );
}
if ( base == NULL ) {
/* no base provided, use session default base */
base = ld->ld_options.ldo_defbase;
if ( base == NULL ) {
/* no session default base, use top */
base = "";
}
}
LDAP_NEXT_MSGID( ld, *idp );
#ifdef LDAP_CONNECTIONLESS
if ( LDAP_IS_UDP(ld) ) {
struct sockaddr sa = {0};
/* dummy, filled with ldo_peer in request.c */
err = ber_write( ber, &sa, sizeof( sa ), 0 );
}
if ( LDAP_IS_UDP(ld) && ld->ld_options.ldo_version == LDAP_VERSION2) {
char *dn = ld->ld_options.ldo_cldapdn;
if (!dn) dn = "";
err = ber_printf( ber, "{ist{seeiib", *idp, dn,
LDAP_REQ_SEARCH, base, (ber_int_t) scope,
(deref < 0) ? ld->ld_deref : deref,
(sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
(timelimit < 0) ? ld->ld_timelimit : timelimit,
attrsonly );
} else
#endif
{
err = ber_printf( ber, "{it{seeiib", *idp,
LDAP_REQ_SEARCH, base, (ber_int_t) scope,
(deref < 0) ? ld->ld_deref : deref,
(sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
(timelimit < 0) ? ld->ld_timelimit : timelimit,
attrsonly );
}
if ( err == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
return( NULL );
}
if( filter == NULL ) {
filter = "(objectclass=*)";
}
err = ldap_pvt_put_filter( ber, filter );
if ( err == -1 ) {
ld->ld_errno = LDAP_FILTER_ERROR;
ber_free( ber, 1 );
return( NULL );
}
#ifdef LDAP_DEBUG
if ( ldap_debug & LDAP_DEBUG_ARGS ) {
char buf[ BUFSIZ ], *ptr = " *";
if ( attrs != NULL ) {
int i, len, rest = sizeof( buf );
for ( i = 0; attrs[ i ] != NULL && rest > 0; i++ ) {
ptr = &buf[ sizeof( buf ) - rest ];
len = snprintf( ptr, rest, " %s", attrs[ i ] );
rest -= (len >= 0 ? len : (int) sizeof( buf ));
}
if ( rest <= 0 ) {
AC_MEMCPY( &buf[ sizeof( buf ) - STRLENOF( "...(truncated)" ) - 1 ],
"...(truncated)", STRLENOF( "...(truncated)" ) + 1 );
}
ptr = buf;
}
Debug( LDAP_DEBUG_ARGS, "ldap_build_search_req ATTRS:%s\n", ptr, 0,0 );
}
#endif /* LDAP_DEBUG */
if ( ber_printf( ber, /*{*/ "{v}N}", attrs ) == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
return( NULL );
}
/* Put Server Controls */
if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
ber_free( ber, 1 );
return( NULL );
}
if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
ld->ld_errno = LDAP_ENCODING_ERROR;
ber_free( ber, 1 );
return( NULL );
}
return( ber );
}
